Password-sharing case divides Ninth Circuit in Nosal II

[Commentary] The Ninth Circuit has handed down United States v. Nosal (“Nosal II“), a case on the scope of the Computer Fraud and Abuse Act. The court held 2-1 that former employees of a company who had their company accounts revoked violated the CFAA when they subsequently used the passwords of a current employee, with the current employee’s permission, to access the company’s computers. I think that the majority’s result is right on its facts but that its analysis is less helpful than it could be. This post explains my thinking, and it then explains the likely importance of the Ninth Circuit’s still-pending case in Facebook v. Power Ventures.

[Orin Kerr is the Fred C. Stevenson Research Professor at The George Washington University Law School]